60% of large companies in Baltics concerned about cybersecurity - survey

  • 2025-01-13
  • LETA/BNS/TBT Staff

TALLINN - Large companies in the Baltic countries are paying more and more attention to cyber risks, which are associated with an increase in cybercrime both in the Baltics and more broadly, a survey of chief financial officers (CFOs) of large Baltic companies conducted by SEB indicates.

"CFOs are increasingly aware of the significant risks posed by cyberattacks, realizing that cybersecurity is about more than just compliance. It is known that the possible financial and reputational damage from a cyberattack is a much more serious matter than regulatory fines or sanctions," said Andrus Tamm, head of product development and technology at SEB Estonia.

Across all the Baltic countries, respondents highlighted the fact that cyber threats are constantly evolving and becoming more sophisticated as a central risk. Around 60 percent of respondents in Estonia and Latvia consider this to be the biggest threat, compared with around half in Lithuania. In Lithuania, meanwhile, a full 23 percent cited financial fraud and attacks on email systems (BEC) as the main problem, compared to 15 percent in Estonia and Latvia. Other major problems include data leaks and non-compliance with regulatory requirements such as GDPR, cited by around 15 percent of respondents in all three countries.

The study also examined who is responsible for cybersecurity in organizations, revealing significant differences between the countries. In Lithuania, 65 percent of respondents said the responsibility lies with their chief IT or technology officer, while in Estonia and Latvia, the share of such responses was slightly below 50 percent, with the responsibility being more evenly distributed. In Estonia, 18 percent of organizations have the CEO responsible for cybersecurity, and 15 percent have the CFO in charge. Nine percent of Estonian respondents said that no one in their organization was assigned this role.

"It is encouraging that 70 percent of the respondents stated that responsibility for cybersecurity falls within the competence of their top executives. But some companies still don't see cyber risks as a critical business issue. Instead, they delegate this responsibility downwards, treating it merely as an IT problem and not as a strategic issue, which is not right," Tamm said.

SEB's annual survey of CFOs of large enterprises was conducted in September 2024. In total 302 CFOs of large Baltic companies responded to the survey: 85 in Estonia, 110 in Latvia and 107 in Lithuania. As a rule, the annual turnover of the companies participating in the survey is more than 20 million euros.